sahibindnguvenliodeme.com
Open in
urlscan Pro
145.239.120.141
Malicious Activity!
Public Scan
URL:
https://sahibindnguvenliodeme.com/paramguvende/mobil.php?id=5-koltuk-tak&c4&b1m&c4&b1
Submission: On July 06 via api from NL — Scanned from PL
Submission: On July 06 via api from NL — Scanned from PL
Summary
This website contacted 5 IPs
in 4 countries
across 5 domains to perform 39 HTTP transactions.
The main IP is 145.239.120.141, located in
Poland and
belongs to OVH, FR.
The main domain is sahibindnguvenliodeme.com.
TLS certificate: Issued by R10 on July 4th 2024. Valid for: 3 months.
This is the only time sahibindnguvenliodeme.com was scanned on urlscan.io!
TLS certificate: Issued by R10 on July 4th 2024. Valid for: 3 months.
This is the only time sahibindnguvenliodeme.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sahibinden (Classifieds)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 16 | 145.239.120.141 145.239.120.141 | 16276 (OVH) (OVH) | |
| 2 4 | 104.17.248.203 104.17.248.203 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 8 | 85.153.138.73 85.153.138.73 | 34984 (TELLCOM-AS) (TELLCOM-AS) | |
| 1 | 69.192.160.219 69.192.160.219 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 39 | 5 |
16
145.239.120.141
(Poland)
ASN16276 (OVH, FR)
PTR: ip141.ip-145-239-120.eu
ASN16276 (OVH, FR)
PTR: ip141.ip-145-239-120.eu
| sahibindnguvenliodeme.com |
1
69.192.160.219
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
| tags.bluekai.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 16 |
sahibindnguvenliodeme.com
sahibindnguvenliodeme.com |
818 KB |
| 8 |
shbdn.com
s0.shbdn.com — Cisco Umbrella Rank: 105906 |
202 KB |
| 4 |
unpkg.com
2 redirects
unpkg.com — Cisco Umbrella Rank: 1085 |
61 KB |
| 1 |
bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1012 |
|
| 0 |
sahibinden.com
Failed
banaozel.sahibinden.com Failed www.sahibinden.com Failed |
|
| 39 | 5 |
| Domain | Requested by | |
|---|---|---|
| 16 | sahibindnguvenliodeme.com |
sahibindnguvenliodeme.com
|
| 8 | s0.shbdn.com |
sahibindnguvenliodeme.com
|
| 4 | unpkg.com |
2 redirects
sahibindnguvenliodeme.com
|
| 1 | tags.bluekai.com |
sahibindnguvenliodeme.com
|
| 0 | www.sahibinden.com Failed | |
| 0 | banaozel.sahibinden.com Failed |
sahibindnguvenliodeme.com
|
| 39 | 6 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sahibindnguvenliodeme.com R10 |
2024-07-04 - 2024-10-02 |
3 months | crt.sh |
| *.shbdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-28 - 2024-10-01 |
a year | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-11 - 2024-12-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sahibindnguvenliodeme.com/paramguvende/mobil.php?id=5-koltuk-tak&c4&b1m&c4&b1
Frame ID: BEA7BFA66510AA09D562691A1E568689
Requests: 39 HTTP requests in this frame
12 Outgoing links
These are links going to different origins than the main page.
URL: https://yardim.sahibisxnden.com/hc/tr
Title: Yardım ve İşlem Rehberi
Title: Yardım ve İşlem Rehberi
Search URL Search Domain Scan URL
URL: https://www.facebook.com/sahibinsdencom
Title: Facebook
Title: Facebook
Search URL Search Domain Scan URL
URL: https://www.twitter.com/sahibindencom
Title: Twitter
Title: Twitter
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/sahibinden-com
Title: Linkedin
Title: Linkedin
Search URL Search Domain Scan URL
URL: https://www.instagram.com/sahibindencom/
Title: Instagram
Title: Instagram
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/sahibindencom
Title: Youtube
Title: Youtube
Search URL Search Domain Scan URL
URL: https://yardim.sahibindsen.com/hc/tr
Title: yardim.sahibinden.com
Title: yardim.sahibinden.com
Search URL Search Domain Scan URL
URL: https://www.guvendamgasi.org.tr/firmadetay.php?Guid=25680f1d-270b-11ea-991b-48df373f4850
Search URL Search Domain Scan URL
URL: https://etbis.eticaret.gov.tr/sitedogrulama/A5A0C8D9C9844AA4881F75323D212DA1
Search URL Search Domain Scan URL
URL: https://sahibindnguvenliodeme.com.tr/param-guvende/
Title: Anasayfa
Title: Anasayfa
Search URL Search Domain Scan URL
URL: https://magical-bartik.51-103-76-3.plesk.page/
Title: Arama
Title: Arama
Search URL Search Domain Scan URL
URL: https://magical-bartik.51-103-76-3.plesk.page/index.php?type=phone&q=apple-11-128-gb-paramguvende
Title: Satın Al
Title: Satın Al
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
- https://unpkg.com/swiper@11.1.4/swiper-bundle.min.css
- https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
- https://unpkg.com/swiper@11.1.4/swiper-bundle.min.js
39 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
mobil.php
sahibindnguvenliodeme.com/paramguvende/ |
57 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.css
sahibindnguvenliodeme.com/paramguvende/assets/mobil/css/ |
203 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
responsive.css
sahibindnguvenliodeme.com/paramguvende/assets/mobil/css/ |
426 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swiper-bundle.min.css
unpkg.com/swiper@11.1.4/ Redirect Chain
|
18 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
948294541.jpg
sahibindnguvenliodeme.com/paramguvende/dosyalar/resim/ |
104 KB 104 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
725792624.jpg
sahibindnguvenliodeme.com/paramguvende/dosyalar/resim/ |
104 KB 104 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
320051202.jpg
sahibindnguvenliodeme.com/paramguvende/dosyalar/resim/ |
104 KB 104 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
437509553.jpg
sahibindnguvenliodeme.com/paramguvende/dosyalar/resim/ |
104 KB 104 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
145693973.jpg
sahibindnguvenliodeme.com/paramguvende/dosyalar/resim/ |
104 KB 104 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
etbis.png
sahibindnguvenliodeme.com/paramguvende/assets/adres/images/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
agent-placeholder_34ab869881b6340066905bbef1ed694a.png
sahibindnguvenliodeme.com/paramguvende/assets/mobil/images/ |
962 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header:c6b3129350353426751445b895a83cd7.png
s0.shbdn.com/assets/images/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
LucidaGrande.woff
sahibindnguvenliodeme.com/paramguvende/assets/mobil/css/font/ |
35 KB 35 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detail:8da7b49a68be47c286076d20366d1ef6.png
s0.shbdn.com/assets/images/ |
48 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
paylas:4eb3ef6ff808dae24872975bc3e39ade.png
s0.shbdn.com/assets/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
video_passive:35648402316781a17a3929eb3ee0d540.png
s0.shbdn.com/assets/images/ |
292 B 412 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
classifiedDetail:646f9feae5f53efb7c918973d29c9fd5.png
s0.shbdn.com/assets/images/ |
71 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
classifiedDetail:2a3ab34602b39bfe468d866c455bca65.png
s0.shbdn.com/assets/images/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer:431f7032690d6f5c31a44bc8e7413480.png
s0.shbdn.com/assets/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png
s0.shbdn.com/assets/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
info.png
sahibindnguvenliodeme.com/paramguvende/assets/mobil/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
LucidaGrande-Bold.woff
sahibindnguvenliodeme.com/paramguvende/assets/mobil/css/font/ |
30 KB 30 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextW04-Regular:0593b70c0dee7832e0da7cf9608a4713.woff2
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gallery.js
sahibindnguvenliodeme.com/paramguvende/assets/mobil/java/ |
3 KB 832 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
responsiveGallery.js
sahibindnguvenliodeme.com/paramguvende/assets/mobil/java/ |
3 KB 867 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
commonmob.js
sahibindnguvenliodeme.com/paramguvende/assets/mobil/java/ |
589 KB 121 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
39228
tags.bluekai.com/site/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swiper-bundle.min.js
unpkg.com/swiper@11.1.4/ Redirect Chain
|
147 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
info
banaozel.sahibinden.com/ajax/login/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
info
banaozel.sahibinden.com/ajax/login/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextW04-Demi:71c9ab83a35d5b47858cf615b4d57b91.woff
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextLTW04-Medium:0593ca00c5a519fc8a6401f235793b1e.woff
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextW04-Regular:c8b2bcdedacc94e4d8be1299ded8275b.woff
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextLTW04-Medium:d368750b9ae601515fcda40e5c46ea45.ttf
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextW04-Demi:93aa83272eb53f08244a3637b0b1e970.ttf
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirNextW04-Regular:de8008386d2408fa41db003d42bed37d.ttf
s0.shbdn.com/assets/blob/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
favicon.ico
www.sahibinden.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextW04-Regular:0593b70c0dee7832e0da7cf9608a4713.woff2
- Domain
- banaozel.sahibinden.com
- URL
- https://banaozel.sahibinden.com/ajax/login/info
- Domain
- banaozel.sahibinden.com
- URL
- https://banaozel.sahibinden.com/ajax/login/info
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextW04-Demi:71c9ab83a35d5b47858cf615b4d57b91.woff
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextLTW04-Medium:0593ca00c5a519fc8a6401f235793b1e.woff
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextW04-Regular:c8b2bcdedacc94e4d8be1299ded8275b.woff
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextLTW04-Medium:d368750b9ae601515fcda40e5c46ea45.ttf
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextW04-Demi:93aa83272eb53f08244a3637b0b1e970.ttf
- Domain
- s0.shbdn.com
- URL
- https://s0.shbdn.com/assets/blob/AvenirNextW04-Regular:de8008386d2408fa41db003d42bed37d.ttf
- Domain
- www.sahibinden.com
- URL
- https://www.sahibinden.com/favicon.ico
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sahibinden (Classifieds)45 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| photoArr number| count function| placeHolderTrigger object| _bindeni18n string| defaultAjaxMethod string| defaultAjaxType number| defaultAjaxTimeout string| documentLanguage boolean| passiveEventSupported object| options function| UpdateQueryString function| checkSelectedCombos function| checkIfElementExist string| ua boolean| isIosWebview boolean| isAndroidApp boolean| isAndroidWebview boolean| isWebview boolean| isIos boolean| isAndroid boolean| isMobile boolean| isMac boolean| isWin function| simpleUAChecker function| _e object| cookieUtils object| blueKaiHelper function| elementHasClass function| getkey function| isNumericKey function| buildDefaultJqueryValidatorOptions function| generateOnlyNumber function| lightbox object| screenUtils function| $ function| jQuery function| placeholderPollyFill object| jQuery11130452340442440311 object| debug object| shbdn_rum function| Swiper object| swiper1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .sahibinden.com/ | Name: __cf_bm Value: m98RpZF3nB3nVW0X4MavPWEPUMxgoMombjxcLbMLSMQ-1720299424-1.0.1.1-3YzMROE7ovbnkOPxKs1ekZJ5R890jtKoQbNAlsz.12cxBmUpg42FZHw4OouLtJj891xGO9i9faZ9YJ3GSzITsA |
24 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
banaozel.sahibinden.com
s0.shbdn.com
sahibindnguvenliodeme.com
tags.bluekai.com
unpkg.com
www.sahibinden.com
banaozel.sahibinden.com
s0.shbdn.com
www.sahibinden.com
104.17.248.203
145.239.120.141
69.192.160.219
85.153.138.73
00a8e410f3374bb35ce67c08b3abc4636385295fac66d2c2d610dd07d3a1e7bd
0859b5ac6be24f29f4c93380fd4e02fe8a37e840286f55c0d4b4fcfdbdb0d701
0a9e8c4bdfe123d1b0b73263cb9c16321b8d147484b3f425d36e8af80b1b7a02
0f25ebd593326ddf271d02e4231cb7a6a5bfe54bddb282a8633ecbed666e8082
24eacb3becfe547b616e0be8a6999716b7fb1bebd27641cb324e6f025ef0edf7
437e1b5e36a4ecb1172347aa301afbb70e7bfbc6e6cdb7567597a39893e2b524
56774778bb06de4dddea846c376a6371079d6ee94e4160f6fe3bf87db1ff1812
8b401be58dd16abd16a47ff444ec853ecf589fbb5e59c67c7f3075c45350a047
8be01481eb0eb78a001c63988888b85c62e1f8deddefd2ce82b6a0ae771ab555
95a74e168be9430efa6fd93474d7b6b5640d7c6d6b1ee65f6bd1e04390eb7606
9e69888ea0cb4421ac721fe340efffb88c3e7e6917169949656b7bae92218a53
ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd
affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d
b40a6b4901212b611472999a4f3b0c0347813ae58891aa0019c55521ef7b7eab
d7866132d4d655f25ba5f870d272556c8326d1cfbe07475654285a2094dd56a5
e20107d8894d77eeb5eb27c9817c0fd4be47ea40a2b5045e61cb68c5c1cfdf03
e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c
e7dbc6e3323cbc5abf697d57e30f7367567ddf2d36dfee87ea77dec0644601c9
f118f538e16a186a74de857b7fadba210a3116bb4698e7aa9988602eaf23b07a
f2e26a8e5e8654991441ffe87ae1daf25a4049d3f37d788ad96c31d31303ccbc
f5f6bdd8c7b8e9421a4a9a192b5964d536f0e6f114a7729d14342024896da804